Memory Ops

Review

Audited by ClawScan on May 10, 2026.

Overview

This is a coherent memory tool, but it requires saving and reusing every prompt and delegation in a persistent global PostgreSQL memory with weak user scoping and no retention controls.

Install only if you intentionally want a persistent PostgreSQL memory system. Before using it, change the hardcoded user/scope values, add explicit save/forget controls, define retention and redaction rules, and run the SQL only in a database you control.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private conversation content may be stored long-term and later reused in other tasks, including outdated, sensitive, or incorrect context.

Why it was flagged

The skill requires persisting user prompt context, delegation prompts, delegation results, and audit data every turn. It says not to save secrets unnecessarily, but does not define opt-in, redaction, deletion, retention, or task boundaries.

Skill content

3. Save the user's prompt context.
4. Save the context of each delegation sent to agents.
5. Record an audit of the cycle

Recommendation

Make memory writes explicit or opt-in, redact secrets by default, add retention and deletion controls, and scope saved memory to the current user/project/task.

What this means

If used outside the original personal setup or in a shared database, prompts and retrieved memories could be mixed across users or projects.

Why it was flagged

Memory reads and writes are bound to a fixed user and global scope instead of a current authenticated user or workspace.

Skill content

WHERE user_id = 'ian' ... VALUES ( 'ian', 'global', 'chat', :prompt_content, ... 'agent','jarvis' ... )

Recommendation

Parameterize user, agent, and scope values; isolate memories per user/workspace; and use least-privilege database roles or row-level security.

What this means

Stored instructions or poisoned memories could influence future answers and delegated work beyond the user's current request.

Why it was flagged

The skill makes retrieved memory mandatory input before ordinary responses or delegations, which can cause stored memory content to steer behavior even when irrelevant or not requested.

Skill content

## Mandatory protocol (always)
1. Consult the main memory before responding or delegating.
2. Respond/delegate with the retrieved context.

Recommendation

Treat retrieved memory as advisory, not authoritative; allow users to disable memory for a turn; and show or summarize what memory was used.

What this means

Running the SQL can create database extensions, tables, and indexes in the selected database.

Why it was flagged

The visible SQL setup mutates a PostgreSQL database schema. This is expected for a PostgreSQL memory skill, but it requires database write/extension privileges.

Skill content

CREATE EXTENSION IF NOT EXISTS vector; CREATE TABLE IF NOT EXISTS memories (...); CREATE TABLE IF NOT EXISTS memory_audit (...)

Recommendation

Review the SQL first, run it only in the intended Memory_openclaw database, and use a database role with only the permissions needed.